﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Data.SqlClient;

public partial class 用户管理_update : System.Web.UI.Page
{

    bool isLogin = false;


    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["userinfo"] == null)
            isLogin = false;
        else
            isLogin = true;
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (isLogin)
        {
            管理员信息表 info = (管理员信息表)Session["userinfo"];
            string username = info.username;
            string password = this.TextBox2.Text;
            MD5 md5 = new MD5CryptoServiceProvider();
            int seed = DateTime.Now.GetHashCode();
            password += seed.ToString();
            byte[] b = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
            password = "";
            for (int i = 0; i < b.Length; i++)
            {
                password += b[i].ToString("X");
            }
            SqlConnection conn = DataBase.getConnection();
            string sql = "update dbo.管理员信息表 set password = @password,seed = @seed  where username = @username";

            SqlCommand cmd = new SqlCommand(sql, conn);
            if(conn.State==ConnectionState.Closed)
                conn.Open();
            cmd.Parameters.Add("@username", SqlDbType.NVarChar, 50);
            cmd.Parameters.Add("@password", SqlDbType.NVarChar, 100);
            //cmd.Parameters.Add("@degree", SqlDbType.NVarChar, 50);
            cmd.Parameters.Add("@seed", SqlDbType.NVarChar, 50);

            cmd.Parameters["@username"].Value = username;
            cmd.Parameters["@password"].Value = password;
            //cmd.Parameters["@degree"].Value = DBNull.Value;
            cmd.Parameters["@seed"].Value = seed.ToString();
            //SqlDataReader sdr = cmd.ExecuteReader();
            int count = cmd.ExecuteNonQuery();
            if (count > 0)
            {
                Session.Remove("userinfo");
                form1.Target = "main";
                Response.Write("<script language='javascript'>parent.location.href='../login.aspx';</script>");

            }

        }
    }
}
